feat(fw): Models + Repos für Firewall-v2 (6 Entities)

Models (internal/models/): * FirewallAddressObject (host|network|range|fqdn) * FirewallAddressGroup mit MemberIDs gorm:"-"-Slice * FirewallService (proto+ports, builtin-Flag) * FirewallServiceGroup mit MemberIDs * FirewallRule (v2-Shape, src/dst nullable refs, exactly-one-of-Validation in Handler-Layer) * FirewallNATRule (kind=dnat|snat|masquerade, alle nullable) Repos (internal/services/firewall/, ein Paket): * AddressObjectsRepo, AddressGroupsRepo (mit Members-Junction-Ops) * ServicesRepo (refused Update/Delete für builtin=TRUE Rows), ServiceGroupsRepo * RulesRepo, NATRulesRepo Jeweils Standard-CRUD; Group-Repos handhaben Members atomic in einer TX (Update ersetzt komplette Membership). Handler + Renderer-Rewrite + Frontend folgen in den nächsten Commits. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-10 09:40:08 +02:00
parent e517783c42
commit 0307dc68bb
13 changed files with 1009 additions and 0 deletions
--- a/internal/models/firewall_address_object.go
+++ b/internal/models/firewall_address_object.go
@@ -0,0 +1,15 @@
+package models
+
+import "time"
+
+type FirewallAddressObject struct {
+	ID          int64     `gorm:"primaryKey"               json:"id"`
+	Name        string    `gorm:"column:name;uniqueIndex"  json:"name"`
+	Kind        string    `gorm:"column:kind"              json:"kind"` // host|network|range|fqdn
+	Value       string    `gorm:"column:value"             json:"value"`
+	Description *string   `gorm:"column:description"       json:"description,omitempty"`
+	CreatedAt   time.Time `gorm:"column:created_at"        json:"created_at"`
+	UpdatedAt   time.Time `gorm:"column:updated_at"        json:"updated_at"`
+}
+
+func (FirewallAddressObject) TableName() string { return "firewall_address_objects" }